Malware Analysis Report

2024-09-09 17:37

Sample ID 240614-gflzla1cpl
Target a8337e80f82e5f7dd1117088371d7d8c_JaffaCakes118
SHA256 bc0ae276808e67524a3e314f18e9a8091338dc8ce8b04ba32809290c7a2ec5fe
Tags
banker discovery evasion impact persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

bc0ae276808e67524a3e314f18e9a8091338dc8ce8b04ba32809290c7a2ec5fe

Threat Level: Likely malicious

The file a8337e80f82e5f7dd1117088371d7d8c_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker discovery evasion impact persistence

Checks if the Android device is rooted.

Queries information about the current nearby Wi-Fi networks

Queries information about running processes on the device

Loads dropped Dex/Jar

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Reads information about phone network operator.

Requests dangerous framework permissions

Queries information about active data network

Queries information about the current Wi-Fi connection

Uses Crypto APIs (Might try to encrypt user data)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks memory information

Checks CPU information

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-14 05:44

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE N/A N/A
Required to be able to access the camera device. android.permission.CAMERA N/A N/A
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to record audio. android.permission.RECORD_AUDIO N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 05:44

Reported

2024-06-14 05:48

Platform

android-x86-arm-20240611.1-en

Max time kernel

170s

Max time network

182s

Command Line

com.jy.ironman.app.android

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /data/local/su N/A N/A
N/A /data/local/bin/su N/A N/A
N/A /data/local/xbin/su N/A N/A
N/A /sbin/su N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/data/com.jy.ironman.app.android/.jiagu/classes.dex N/A N/A
N/A /data/data/com.jy.ironman.app.android/.jiagu/classes.dex!classes2.dex N/A N/A
N/A /data/data/com.jy.ironman.app.android/.jiagu/tmp.dex N/A N/A
N/A /data/data/com.jy.ironman.app.android/.jiagu/tmp.dex N/A N/A
N/A /data/data/com.jy.ironman.app.android/.jiagu/tmp.dex N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description Indicator Process Target
N/A s.appjiagu.com N/A N/A
N/A b.appjiagu.com N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.jy.ironman.app.android

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.jy.ironman.app.android/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.jy.ironman.app.android/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&

getprop ro.product.cpu.abi

getprop ro.miui.ui.version.name

getprop ro.build.version.opporom

getprop ro.vivo.os.version

getprop ro.smartisan.version

sh -c ps

ps

ps

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 beacon-api.aliyuncs.com udp
CN 8.132.237.161:80 beacon-api.aliyuncs.com tcp
US 1.1.1.1:53 log.tbs.qq.com udp
HK 129.226.107.80:443 log.tbs.qq.com tcp
US 1.1.1.1:53 mpush-api.aliyun.com udp
CN 140.205.160.128:80 mpush-api.aliyun.com tcp
US 1.1.1.1:53 adashxgc.ut.taobao.com udp
CN 59.82.33.251:443 adashxgc.ut.taobao.com tcp
CN 8.132.237.161:80 beacon-api.aliyuncs.com tcp
US 1.1.1.1:53 app-api.12kedu.cn udp
US 1.1.1.1:53 dxp.baidu.com udp
CN 39.156.66.180:443 dxp.baidu.com tcp
HK 162.209.243.70:443 app-api.12kedu.cn tcp
CN 106.11.248.144:80 mpush-api.aliyun.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.169.46:443 android.apis.google.com tcp
CN 106.15.83.128:80 beacon-api.aliyuncs.com tcp
CN 106.15.83.128:80 beacon-api.aliyuncs.com tcp
CN 106.11.243.160:80 mpush-api.aliyun.com tcp
CN 106.11.253.96:80 mpush-api.aliyun.com tcp
US 1.1.1.1:53 adashbc.ut.taobao.com udp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
US 1.1.1.1:53 hmma.baidu.com udp
HK 103.235.47.161:443 hmma.baidu.com tcp
CN 8.132.215.224:80 beacon-api.aliyuncs.com tcp
CN 8.132.215.224:80 beacon-api.aliyuncs.com tcp
CN 59.82.33.251:443 adashxgc.ut.taobao.com tcp
US 1.1.1.1:53 s.appjiagu.com udp
US 104.192.110.60:80 s.appjiagu.com tcp
US 1.1.1.1:53 mpush-api.aliyun.com udp
CN 106.11.253.96:80 mpush-api.aliyun.com tcp
CN 47.116.84.225:80 beacon-api.aliyuncs.com tcp
CN 106.11.248.144:80 mpush-api.aliyun.com tcp
CN 47.116.84.225:80 beacon-api.aliyuncs.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
CN 106.11.243.160:80 mpush-api.aliyun.com tcp
CN 139.196.135.6:80 beacon-api.aliyuncs.com tcp
CN 139.196.135.6:80 beacon-api.aliyuncs.com tcp
CN 59.82.33.251:443 adashxgc.ut.taobao.com tcp
CN 140.205.160.128:80 mpush-api.aliyun.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
CN 39.156.66.180:443 dxp.baidu.com tcp
US 1.1.1.1:53 b.appjiagu.com udp
CN 180.163.249.208:80 b.appjiagu.com tcp
CN 106.63.25.33:80 b.appjiagu.com tcp
CN 59.82.33.251:443 adashxgc.ut.taobao.com tcp
CN 59.82.33.251:443 adashxgc.ut.taobao.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
US 1.1.1.1:53 mpush-api.aliyun.com udp
CN 106.11.248.144:80 mpush-api.aliyun.com tcp
CN 106.11.243.160:80 mpush-api.aliyun.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
CN 59.82.33.251:443 adashxgc.ut.taobao.com tcp
US 1.1.1.1:53 dxp.baidu.com udp
CN 39.156.66.180:443 dxp.baidu.com tcp
CN 106.11.253.96:80 mpush-api.aliyun.com tcp
CN 140.205.160.128:80 mpush-api.aliyun.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
CN 59.82.33.251:443 adashxgc.ut.taobao.com tcp
CN 59.82.33.251:443 adashxgc.ut.taobao.com tcp
CN 39.156.66.180:443 dxp.baidu.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp

Files

/data/data/com.jy.ironman.app.android/.jiagu/libjiagu.so

MD5 2c1a490890ff15348d2fc3815b2cfb3d
SHA1 922e1e5539c40ad5bed578a9cea9f076df02eaee
SHA256 4a272d3707e61d656a95d20b944a402a4ae39b79013e3a47a93c0faa3eefc6da
SHA512 3a910269e855c3c9a31e40d2d18d166d3c3dc08bb9b063e363be8e737181389e9cc67be8d9ef8d1a63ca0500d0d028aa2562e6fb979beb1a1cccf0fe4d1d1853

/data/data/com.jy.ironman.app.android/.jiagu/classes.dex

MD5 78359f69764c9d302e95fef27f76cc76
SHA1 45880b98146ebb7af2bb829a07375c27110fd5b0
SHA256 622adac1688710914b34fdf10a8c9211f04d7cf9d16a664cdb4535e0e1eea122
SHA512 0a45873853515fbf02388a3cd1ab87b48f12d43ce21fe3999053f20aa31aad3493fc3882221ded46abb98724b659bca85cc80f084a91a0e294d6a6cfcd052515

/data/data/com.jy.ironman.app.android/.jiagu/classes.dex!classes2.dex

MD5 a82a308fcb7420d422467181dbea39bb
SHA1 fcbd2ca337f8963535c8f211437a487c84f2e43b
SHA256 12715a9ff0118b0a99b28e65b91010bc8af1cf15cf2fa63391a9c1c67d4d1571
SHA512 bf99f9d8f94c7706fe25eae6388a1560bbb60efb30b08578bd70cb433830fbd9af67462582c830d819ab4e275ec7cb69e59aa9c41f4bbfd776649096bb977e52

/data/data/com.jy.ironman.app.android/.jiagu/tmp.dex

MD5 f1771b68f5f9b168b79ff59ae2daabe4
SHA1 0df6a835559f5c99670214a12700e7d8c28e5a42
SHA256 9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939
SHA512 dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.ri

MD5 bbe4fb5b586c31a8d7e8c90ce5c40854
SHA1 a1a6f665f851c66e6172b47a49bbb10e84f22356
SHA256 b529f64a70be7cb93c3e5f44ebf247deec609aaa7893bf1b130bf0be3dd3ceca
SHA512 4a9db60743be640b326002d7e9033ca6dab0a6082b2ad1a0e988d7e1c6286022eb4db1f813ccbcb0634eb08e1c56bdbc20922f4e9b626ffe241bea88bc1a1ce2

/data/data/com.jy.ironman.app.android/files/.jiagu.lock

MD5 6e2050c3030756d9914c3a0bfc4ab237
SHA1 bdb4c40d1ecfbfc56dae645cfe6f9f0fce1f1c52
SHA256 1ada71d1a3c4c31df57e998ce7ed8c0067458f5a8307b5db5e87e2fb2f2e77f2
SHA512 7637acc1f82228005219b1e1e18113e8ca5e74835e82b61d6f90724b66995fe04bda9af10f81623773a9161e6d43c5feb9485bc4c075e5d6fce192210a9d98bf

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.rd

MD5 01ce0ee5018f90896fc38edce13ba887
SHA1 2df3a41670e7af9ce1e2f0ebeabe2352999f3b48
SHA256 0f05bd6a35cb8f4a0937ad0b0ea6a0744f4e518387f5e1e1bfb3500b13ffc81b
SHA512 4a6c995cd513c193fe0c3014040f37f8fec5ccdad2259f833ffa698084e7bf5217e7eee828156d8aa72fa9669763bb1c5ae28686e8ad3e492e2f248ae981831c

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.store

MD5 448e391c59eef34ee1defbe4dee4c41f
SHA1 df1f890987371d7d8e6963c68b787856e42bc146
SHA256 55612e17689f4bb05f27e18b4f6d06ffef92a6a8893a5cfdd3d5b99a6028b549
SHA512 ce336ce895ba861dda7da27e8869dea065eb3c3403cac55cdf1935409e5ebc95b495370f87ed7416af20af533b15615472e333ae9f2fd2713040f526835399b7

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.ac

MD5 3fbf2c51473410d8a0b09cbf00be0bf6
SHA1 49aa71e25885bb3a6cfe3c5ae973440927dbd0c3
SHA256 e387a8a7a962ed9a3b5b81858b506056fa085766ac13a6fac7909c2210101d3d
SHA512 380528fe5e8eb148431b92b16bf7b209ce205ea563cee8fdfa97b8a2836a622f1b4f310d8a710b02193d940a648cfafb04b0c78f3ca350169624ab13fa2b3a0b

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.ic

MD5 30c23761cf8e1a77016814b70e67e5cf
SHA1 d2694d8698eb58271196a3253b05dc94ef49ff85
SHA256 22ec16d541034ac05f4125dbc33dbcd3521a94e7f028fa2f56c5caecbd0c9747
SHA512 ab3ad177a57d69ad24395f31b52e270712b8634203940bbe2766a621fdc2e365c760046e7ee0278db70edd6a1b4f82f9333b141100698f66d07dbfea50a6684e

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.di

MD5 00110b94854e3342a116f720d8ac201f
SHA1 bb763583671efb8f5da382d92e3d5e4b220ad509
SHA256 9f810adf922ca71fb4442bed4d26cd285c18232768cf0bed334f7b0361b2b6d6
SHA512 d581daa4564670c481465a02c4c16491b50a936540eb928db5ab0c20aa7080ea943d6bc2c22daaf612d3305c84bdac9fb0673956303a676325aa9b601015ccdb

/storage/emulated/0/360/.iddata

MD5 a0334b57653dd75222991d3bddf34dca
SHA1 4315b7e28b4c2b695eef8bb4fcd214a99d2d2162
SHA256 f1e8cd62904197b0ff11d453bde63ac95033b2be29778352e6ba14a36a91d279
SHA512 884bceb31722a639901de5b54784a29cb3bb7ed4472a438c3077a8af1fef027ba74303aca8adb68b436b94cf18fae18b11d5b02d15383280dd6dba09be5941a9

/storage/emulated/0/360/.deviceId

MD5 1d8d16c4e3b19ebf18988530d9b9a757
SHA1 bc94c1cce05cd848a53271ecb9c5311e27ffebf5
SHA256 abd87140da8de3d0aa39a24a8d52bfe7b2eb28f7a3d505f205471c7e8f4964d7
SHA512 4562d1eedbc5c2dd7f25cd1c70343053fd451026403585182b142a64f17016c1bd0bf6ad51667b439b220e425640e55fbbda08517e7106376cdc220a4555da82

/data/data/com.jy.ironman.app.android/app_tbs/core_private/download_upload

MD5 22f0ec2d4427d86e4f11b6e86d5a80bc
SHA1 23517438e8109e5c13e2c66dd13ad149bfcf6823
SHA256 c3edeed467b56fd6543fd8262ffcb30c4a1d84004057bf35c2db1d929e2da395
SHA512 2f6f23803b3016b026290b80360de9e9fd50c6933c129e982c75727f5dac3542e449fa679f68d33279f97fa59a6a402363be9bd5d97e6d7d917ca1f73e71611d

/storage/emulated/0/Android/data/com.jy.ironman.app.android/files/tbslog/tbslog.txt

MD5 ae5453e47f122553b56550bc2292edf0
SHA1 afce848ba03135c5c39b1f8e68bf356ce1deeed7
SHA256 71464d6662fec99616f75f94cf9d859b3aaedab7936bfde06ed6c0b169adc627
SHA512 aa6d59a9a5108508140a7a68566fc44c7fdbfaaef1828a6d9a354db15d9dfc4156c725c15bac665c5b09e95e461b07e210a33ca0ae9879233fe844198eaf387d

/data/data/com.jy.ironman.app.android/app_tbs/core_private/download_upload

MD5 af61096e5447b39d45a11be037b7db1a
SHA1 f8c3ce4f3209fc3ef7cf33f3f88fd6b5598a4463
SHA256 63cf7c369b6e33e094c608be1b8b2bc5d1a4af39b5fa87c86cdf85203f85eff3
SHA512 32db0db37c75ec6b60691547f0db5c9be642b6eb8a493dba9be65c2ae415b8d558bfee28236b35fb8600ed148a1725b4e568731b08debe8ef3e3362c4700079d

/data/data/com.jy.ironman.app.android/app_tbs/core_private/download_upload

MD5 ecf8d7e5ee4234808910d2a109f1a982
SHA1 3bb5e9662dd344a84b1ad0a0f531684db34622c3
SHA256 f25529622ca36a9d0d4b8b03a2169d21bb7278950ce037c239292005f877d894
SHA512 b529240cc9d8b7608bca92620f7ad2c654a6b27801ca940009fe3168e3e44ad1b077d26e9ccf0e0e6dd99426f7dc6fa1004a3b3222215857bc55267031a550a1

/data/data/com.jy.ironman.app.android/files/com_alibaba_aliyun_crash_defend_sdk_info

MD5 89f8026df0cc2879b62141ee83b45c20
SHA1 51863e2845d7fe465893aedba6a003e194bd0a35
SHA256 c138015ca8765d260512bc4fd03f1c7c114ae183fe73a706dd215c542b6bc1d7
SHA512 09a53fb5d5509a3a67380977abc6e20a0970a0dc387f6ecf4646e9df837124838dd552a54cef2e016fc05ebb1e3510d229038b17f5b48a632356e2b12d538e36

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 9781ca003f10f8d0c9c1945b63fdca7f
SHA1 4156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA256 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA512 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 7aaa2c24978ef01a392259906f18a469
SHA1 83ca395d365b64743f50fc08ad9f11ff769ba1b1
SHA256 a8376459b6202cd6b2a204a7fd2394f040fa6b4000c87515ae1da171a49684ed
SHA512 e26fa26368db6c2e5fed85c644d9d9101f834e4bde6afa56d1a11a0cfcab78baeda2642c4c39734bf64efd7a33a2c33fb54a6843323841d400236eeafee0914d

/storage/emulated/0/.DataStorage/ContextData.xml

MD5 7773d833187d815780828492e032b0ec
SHA1 8a7dbfa57b502855ecaf5062db49ff02a56d94f5
SHA256 e93007e9140d8907d6ccebde41ff313acb45ecf164a85c43582203cf1f9f2f8a
SHA512 44d057ccb8fa6e8c1c1bcc729fc45a2408f902affaa03db36309100cd8ed4377db5bcc90919152d8f9418ee9f6a5972c4325e5e1edb71f19821c6e7af575a38d

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 0e1f1a9ee993d66e58759343016e045c
SHA1 3efc2ccaf7c2bd6f3458fdaa97adb3812a72a9bf
SHA256 dddd694734b9019e9e823dfd37b5ca0398a29d1f21c1515d6f3699d28d55ff34
SHA512 d916e47f19554a0d34e8c0ad98a24b334a810544810df3def0eb11c7a3bb24a440d4765eb8c7631e5d50c4a6a7216b59d3163929f42f1cf71ad30dfff86563cc

/storage/emulated/0/.DataStorage/ContextData.xml

MD5 9870d4fe7116cec868397e7ce14e2f94
SHA1 c5de622107cce364a3808e2c382a4448ec774ca3
SHA256 59159e7e8279ee2ca238230c07fd5b750dc9327b6767334ad42082a465cd1f97
SHA512 ea326886a2390ce671ac3711b14e23a9e268ccec02f3bb51c72944e6b69a35459b2cd2c9e1fee4f7e3269513e9e874cd50d55a74118b46c4b3c79cb8529ceb16

/data/data/com.jy.ironman.app.android/app_tbs/core_private/download_upload

MD5 7b694d00c38fe114e9654d6235796728
SHA1 f9e92ba92800e1fefc2e1f1dacee984be65d920a
SHA256 71a45cc30b4075d59943134396987b6d93de7c81d18e70502ff44297108c9285
SHA512 23554b2f0d239edabae8b03ab74f9b7273345373ea6c469137c852819828f11230056bbfd41b951c409acc4814d71d35fc8fc5f43dd21395ddd94e75844a08da

/data/data/com.jy.ironman.app.android/databases/ut.db-journal

MD5 a35e85adfa91272e3bf88a0305cb837a
SHA1 7653d913711e28ff6391259cfa48baa8acd94874
SHA256 b21fc747b04b67f9e6f1158041f4e2804f3adf78bdc1f26151bc1bb5416ffd8e
SHA512 7d6b39b9c019e4167bdd5eb29949cc80c01ae175f29314b0ebdbef7e0eb1303f2f6cd9780814edab853632ed7aafdc1b25bbcc8378c739d269d169bf3439acd6

/data/data/com.jy.ironman.app.android/databases/ut.db

MD5 38616785cca0600a03205f84fe330b4b
SHA1 6ac41a6bdcae297d56dac5fdde70be5faccf0832
SHA256 b05c698d5827005da5e04b4fbdcac53cfc83405247353f8e9e145969a820a4e8
SHA512 7ff2901c032607f5fa1f24a48056ae85fe8d67b6c5649233fdad7b66950d359b2fb933344bf1e2fe6255a00c593de7bcf959d201fe8b6ad214249bb31f855a08

/data/data/com.jy.ironman.app.android/databases/ut.db-shm

MD5 bb7df04e1b0a2570657527a7e108ae23
SHA1 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256 c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

/data/data/com.jy.ironman.app.android/databases/ut.db-wal

MD5 6b6f0b47dcb6ee7afb62d814fbdf9894
SHA1 598fa225cc9cbccfb26ce9c9e2051fef13e96efa
SHA256 8c671948386508b17642a44fc7c4821d6d5448a60bdfdcd25fb51a6dad2e66c4
SHA512 96706a670be874b1267200a21ecca0a40769a918e03f4297e7738aaa8511f902209d6d7f57d92fde1739087517a08036f7d78f8a7eedba8d6ea848ad3200f1c2

/data/data/com.jy.ironman.app.android/files/libcuid.so

MD5 193a35d194ec74fa59044dcac2502e33
SHA1 84a360448c39196c93b81eb29643717ef6e44a93
SHA256 1b978dd8ff4e6ff44c8b09aa940ca40a52125de57bf85e49572d1cd397197cf6
SHA512 072e73dc0efde367cc0f9e15bb5cb2fab38aafb2afd104beadaca22775a28cf7735f675bc9e18954695635f7afa8cfa4b5f9e99be23c8cbcfa1c7ba943d8da0b

/data/data/com.jy.ironman.app.android/files/com_alibaba_aliyun_crash_defend_sdk_info

MD5 df21b227deba040cf0b040d0e65e4440
SHA1 a83676d8341a2ecbf72a0081329e0cb17776c1ce
SHA256 5b01d57011d37b1696b648854a857864d6458647e7f80c30ac580deaf6128007
SHA512 9703d6f599af75e19ac4542e4ade16b8fabb637477cdbd671dfda039364e649e41eba967ee5aef0c2a0055e70e5281fd9dab6f164c124b9a96ebda0f27b89a40

/data/data/com.jy.ironman.app.android/databases/ut.db-wal

MD5 ace8e3a853b8648569e29e996dda526d
SHA1 20545970b59954602635cfe87db9dfa5456a162f
SHA256 71149fee4f05c76f69973f6880fc7637a96562818666729b438948d75a92346a
SHA512 fd30e1d07609df11ff10e8dee6712a0a6a45846c25dfd413a2249389922886b1581a2b7ad251af19b04edfc594ef70bd468954db6c97ba159a9bc8938dce8cfb

/data/data/com.jy.ironman.app.android/databases/ut.db

MD5 a214d7cd785863f5e7fe7696cecd908a
SHA1 c43e7787686bc13cda87b5a4457c084b26c4b4a2
SHA256 f2a32d15f8d2e60bc8249048f9c80b95459118072e45738a2993065ea4975da3
SHA512 62c592867de3c703ef45fe03bb2da98118b591f6a859d358f60d4d705ca9b13712b772eca0ad3ed8e511a8ed2ceeb6fe2844e9ad504d0619722c405e87702ca4

/storage/emulated/0/backups/system/.confd-journal

MD5 b8d67ed73c4b92d5f15c7e7c195fae38
SHA1 74dfb4bbc6ecee1f6f9a0d3607aa895fa26656a4
SHA256 2eb3a9c8662b2f81fd3da6b4a1df1d2ab1a6d8eec28bcfefa5dbc0a0a4e9c3cc
SHA512 d4627062dc5639777183f17e90d9be7f64fba6d60fe8e6cd65fe4ab10adb2b7d52a949a097794895a4869d7dc768f1757e22d51be6847d6b3b25de17def41776

/storage/emulated/0/backups/system/.confd

MD5 249e034c9703afc1fd6062371c7f3da8
SHA1 9ca489179488e0fe5a35f7c0d5887f163e4890cd
SHA256 18fc5cf216b05487a87be99a662e7474bd54120f214e034b3179f40ca989352a
SHA512 b819b152548431c7892678ecdf23abe44cbdcf80e8f22707ab32a2aedb5356346b27e3c3e750665ba893d602af1c7dcca97edbac3c820859a0fc20714c22c0bd

/storage/emulated/0/backups/system/.confd-wal

MD5 d8d390ed81e590c901edc4bed09e8273
SHA1 5e1cf8ac44f1694e5978b289b44c08b4cc55c490
SHA256 204923cb9535dbd19edd8b35329af89546d4bf60964d3a7e37ef88e39bb67252
SHA512 9d1f7e8ed7fc8f12da8c0c5b13b892b87884fc6b5a8fdf85bf5720866dc5609bfd1195e3a115105f5a726bc8f44ac8d689078911084131e6c6369b0ef16109fa

/storage/emulated/0/backups/system/.timestamp

MD5 14345122f00c19cdfb39ee66e505734d
SHA1 73c1155b267b6e41363db51ae59d4b04207ab9a2
SHA256 c180287731534957c0962566e7509713a3541cbcc2f43da1f6e048629d95bc91
SHA512 7f0034c220bf8ecb46c0db92810767b8b3f7a3e35876838bdb1c201e4e7f9aa0924207d7920ec7da30675fde6768f840a272eb5197b818a634836b12dbb4f962

/storage/emulated/0/backups/system/.confd-wal

MD5 366da29fdaab50700ccf5872a6269f60
SHA1 dcdf02ae0a0cecdb3e71c51f9b2257228b21a8d2
SHA256 8846d0d92e081f3641c86025097e135334a50abeddeba0cacadc71504542ad98
SHA512 f141acf0d0f4026ae81405cc5d5c2672faadf37b5ed42e53c80fcd36b81c607274a69d464f6373871c1f684a3b495f67ba310699a446014f1b39872b8f125853

/storage/emulated/0/backups/system/.confd

MD5 8c7f6e3b52e6e841b895bbd13644ed43
SHA1 ec8daf46a7eb99c75ea1ce8582ef77b2df8455d2
SHA256 6615188d5d8fa77b44fbae7a249d073b3623316e7489c5fec95fe53188ea467c
SHA512 cffafd628e62fa915872796ee02dd8119cfebd6811291155acd400986ee5d34b244ab3b5d0bd386566724205771f665571bcb04950d390c5c60072fdb90c5280

/storage/emulated/0/backups/system/.confd-wal

MD5 6f31997c6134f7448bd9eec7c6ab3649
SHA1 e99d967217ed7fa0e6218dfa107508d157495d43
SHA256 33a777cd3442a707704882a71df193d877e1bd1ef1d2587fdb7ba207f5046e83
SHA512 761f73a2a36401a60c5225a134a7e56cb7ce85e61e5cdb751a7a84595044b0241bff65ef4f3951948784d77025e89cdb64be4d9b64dc9d3efbbc6a74101433ee

/storage/emulated/0/backups/system/.confd

MD5 f9eed2ce56d1a236b4005a52d1026a57
SHA1 994757a0e2c5dd93b70597d7cc49cca25f55037a
SHA256 60b028012cfe49cf6602dc6b026253d24df4afcd379efb051fa9bb8bdf61881e
SHA512 5d01fe14921c79ea750801d3a5a15ad47e898178622ba265177ba6003c8883d3547b8c61882e35ab5580e0789acce2be56a9c705bfad3e0b0c5dac796ad372f4

/storage/emulated/0/backups/system/.timestamp

MD5 8e9bc13346609cc9c759578be5cbc955
SHA1 889c33a6975a638dfc92b6c1266d4b38e6696f83
SHA256 207d097d3c0df63bdb82835fb2a71ea0a889f1185bf3dbb2a34acb416b630182
SHA512 4de90a3fda9e789ebdb94d521b357fb50470dafe3985e023f4ec3df58cecfdd50ec47c7aa34f036bb788f84dd73ae374f3ef5c9af4b2e8b7e0382775e403cdc7

/storage/emulated/0/backups/system/.confd-wal

MD5 86753ce2ab1e5e92dcc567ce6643f619
SHA1 a820a110cc87ddf7eea99eeeea16d2bc9cff6797
SHA256 170b4c37fb8df950a5ffb92e90d0b58227b484244161a9cb2f8982fdd3dc46b9
SHA512 358d1b8f0397fe4b911b9d0bc238a58e803eb0320620c0e3c401bf9733c50b32e5b428e0fb16d8c8b1f7f2a29b20a29527250cb6e2067c8ce0b1938570af89a1

/storage/emulated/0/backups/system/.confd

MD5 64c7f6edc58e517065d48eff3774b1c4
SHA1 3dcc97f5e036dcb219a8a9389a38923a4c54c34d
SHA256 41d743f332a1a617b59e91f61266ac43599766c4fb1cbc9342f9e7a48f3e5c6f
SHA512 1b2a3858502f56e7bcc7577b72a422b12e256aa2361854ee6e1c6359089ad14b36946bdec13bad5b510e47ea527a2d45cb88082f3a39e247338a7f1e36782688

/storage/emulated/0/backups/system/.timestamp

MD5 8b2a63b285027c92ab2a788e3ccd5dde
SHA1 346fab026acf06d1de282f73145fc110c5c61d05
SHA256 582e65a0517cc653313dc4df619cc78586c3ea94903c088216da1d7fc2835555
SHA512 d6aea65b96428bdd96252f21461ab1120acaf69a51d4686327e36af209dacee354c62d8b2eac0b9a19683a53ff26f933aeed91e30647620b951987ad92b397c2

/storage/emulated/0/backups/system/.confd-wal

MD5 5059be8c3b1ed8c38870d9ff4af1aadc
SHA1 b18a44c03147a61c9c085a75e34ddc7298558d90
SHA256 7462eeecd824d9a60616e66ad3747df765c5e78f20a1fbb05518857646f3e58b
SHA512 26cc4a102ad2e7251ba5835cd657db8af41e192563cc97f8ae87586296fdc23d07bffcf8d0b7c482e5911f644fe3fbc7e6dc9389d7eb6ed398d9213c136206f6

/storage/emulated/0/backups/system/.confd

MD5 bb62a04c382543637540a8ae0ecd412f
SHA1 22a629603dd73e79df8ebd8262d601f3e9b84559
SHA256 5bc4c0a9b1a6f97e8419bfb1f4e4c72881521cec1bbc643b4aa9cd5905ed5654
SHA512 cf22f2b985151a48de92a4d99ff0cffa9d3662d09bb651beb0d175f939f8bcc0244faa286b187344110cfe43b73efdbaf2d094ecce13e6e63d83e30b6e560671

/storage/emulated/0/backups/system/.confd-wal

MD5 d1c7677c760fad9444fdcd0964742da0
SHA1 01551b917f47ced0279ffee95334f5f99f8ea4e5
SHA256 2e767619de16573e11901a1347bca1990ba25ea172159ac68e57924112e8846e
SHA512 27fa208231a0219bc761c642b512f83b37b1dcde6bc083d9a1b5cb817d4b45d696e46316c5c6d2b73af95d648e5c97f3035b39a1f38fd03f5d1e0e738d57fddc

/storage/emulated/0/backups/system/.timestamp

MD5 a30cafdf155fd7f2d7ad312b8515e722
SHA1 e9570229d0a7d15b1cea88adcda5857233bbe32a
SHA256 d1adc45a49cd6e499b45b7df235363006b34bdc3404bbd50b83ad458dfd15449
SHA512 b17a4b97ca6eb34cb33f9ae4fc8663760cf5ea1cb0612af5e2c84df72afa0e28a457f5a863389cf158cfba37e9a9cef02a793f07126995d0ff3a13d3c8c90d34

/storage/emulated/0/backups/system/.confd-wal

MD5 d7a9b98d99ef6cb2b7d29dce9aee6e9b
SHA1 40a08b3a43b7e6aa2a7e34afa5925619bfb164a0
SHA256 632c2bcc70db5d0ce40872bbcad34a3a63c2222352938a5865bbe12c8b2728cb
SHA512 875f2aa905bf2095f5dba2ea3364dd15b8878054ec3df5777acb384be172e27a011f2087247ee847077dee09b2f7acc1c689f0b6f76ad949c818c2b3152ff736

/storage/emulated/0/backups/system/.confd-wal

MD5 4b9867105985ab66c96c9023481981da
SHA1 804e6c69b03ac83936d497196b62a4cb5b610135
SHA256 96afcb382cc27a05508230bed62cf3e262150c7d9611bf70caf55c16a1ceeacd
SHA512 e741bb57b4606e800ff4a411107f5be50c34e5e2918b05a6b7fba5c980748160569aaedc128b47e8d9354cba0cb676dbd028490a03b6c3f1fcc43008132ffd28

/storage/emulated/0/backups/system/.timestamp

MD5 b76e1e80a4ced1a3fbd5be2869853429
SHA1 b4aafea52d2a331224fb3b9dc360ab6e975af19d
SHA256 5acdd5c5a41cbc80065a3d39eb49d55ca70e5b78124324018f63412f3c009230
SHA512 665e2bc9d01419e5de48de298e4a7f79882fb0a88a148f0894f55352cee2a1a45140bbe425c26a4beeaebda7e1d1cb63416bf9bade12729166cbd1e6f4470ce5

/data/data/com.jy.ironman.app.android/files/trace_circle.data

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

/data/data/com.jy.ironman.app.android/files/__send_data_1718343932893

MD5 334cd79985418bff163133bee20ee54d
SHA1 7674c47c94c22b1ab6c4b15c1263c3c24601af88
SHA256 d3da652873682059824386d9652827c02334e96406ecafa664e644fb83cda5a6
SHA512 a531e179d01ea06a19433b3f2d6b71ffcfd625b01a546d8ebeacdfb3c822f90fba59175fe6227b1cce1a00ef465756c46f32b5ea94a912234ea1e080af231522

/data/data/com.jy.ironman.app.android/files/__local_stat_cache.json

MD5 35a9c5c0773d64329098b06b7309ad7a
SHA1 e28d1effbb792dbcadd8aef9d1eedbe26b7d934e
SHA256 17c4a86ab2f155fd522493522ff38aca618042f8d092aa3538915afd985699fd
SHA512 1bcfb08c2ae3f6f0dbee3df05c531cdf32fb3d51570e567c9cd6b83f861e48d217a20b26b7f49bd8f0e540bd6fc9d1ac0f2542b062f81736c6d097a946bb4b78

/data/data/com.jy.ironman.app.android/files/__local_last_session.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

/data/data/com.jy.ironman.app.android/files/__local_last_session.json

MD5 7f28bcdfb4504f4e066c0de40c1495f9
SHA1 33e1392dd4c0ed3d07ba4d9d605785053298a936
SHA256 b54ef36eca55f7b264a672477806816e6b9a2ac80b68ac65472265c7a6205eb0
SHA512 49768c771262dee35c5e8a3233f6a2e945e68597a9b62a71f471049b13df08be92c9bcf8a1bcc5f03ffd305b5756f55a8430e940e4f4ad483e2f3380245da259

/data/data/com.jy.ironman.app.android/files/__local_last_session.json

MD5 70a574247789070bf2bfa4b205f69727
SHA1 df48a8aa15fe65159db8ae71db66457995169ec2
SHA256 81ab0f9ddb72680c077715668903e27da89430ed03fad90a93c49118e5a91eb8
SHA512 41e2c3db93265833ecefb654f8fc4313293670b8e00a3ab7992daebd7a4b714b756f058b80692720621ad9227a09ba2f1ab384ddba550148781ea8744b556c23

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.di

MD5 13d9c4ddb4b39bb977a071a4bcb73f06
SHA1 a7303e58db5ad691b9dac6d962983343d5b79552
SHA256 923d0bfcf55f6c0ef045820dcc19ff28c9ede60451316d77ff4c9827c5cb69f6
SHA512 8f77ab0a238d04a7686a03bec3aeda8f4fe1ac2134ec90587930d64fb72703dfdf6b1b479a5e075ab65c549d11ae76c3335dda2e48d76ec9f6fb02bce848a75f

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.store

MD5 8d2b23674f81462bcb41eb93e4c61f67
SHA1 8452387cdd34c1d44eff34d5bb0b137cd67b13b7
SHA256 73aff9414b917d6e04e6023ced60b9bc330b537e60536831f849f12059e3db8f
SHA512 951b11e4cd1a636a928b1f961f49e4791678586f085fa617a1759698a007f20b7f78af251a8d33ffc4f18d2dd78abf578ce6e112fa69cae89ceaa423dc84d90f

/data/data/com.jy.ironman.app.android/databases/ut.db-wal

MD5 68665c7aed7fab969398bf8e5a86860b
SHA1 ae3771656b13f48fadb039af6f930351ff974a92
SHA256 66cb69132f16980cad03fe8384363ad35c4f3570c00886ca726e92869efce17d
SHA512 c1555966e42e5b46cd2d1668e950fa6d180180965e8db2f8b5a9b5e4885246a2c8f6d7b4d0dcd49e2e1d8c44f373fc314b693578551418d79fa07e9f77fa9ca9

/data/data/com.jy.ironman.app.android/databases/ut.db

MD5 b2f8bb69304ab68f7c648682cd02d8e9
SHA1 cb079fadd7fe9a89e6a5f8c28d7cb1052444652c
SHA256 c32a9b20ca475938c141be576303fa515b0371b8138fc06607d74e46310768bf
SHA512 142194a35a006dc9c16b058a874cd65961a485a60bf62273c8d3f37b3eabe2ceb7f01ff7d0db42376baca3e29ad31a8fa2582b4190cef8aa08332ba53ba678f5

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.ac

MD5 850fff53e0ee1845bc95ebdcad27cad8
SHA1 992890366f0efe9f54e32c805797c777237f7a51
SHA256 62ee821a0504232ff095488510f7527b888618fffc55fe63148796306b02da57
SHA512 5219db3613c13174a8bc3cc6556524d03a3d20debcff182041d5260530bab78addf2ef88ab9aac8e45d7b8214f0dae7be376bd51cc13fddfc525ec6abc662d9d

/data/data/com.jy.ironman.app.android/databases/ut.db-wal

MD5 a5df7fe605104a7852238045a04e38ab
SHA1 f31ca6ae34fa8f69f953431aa7a317eae23e16f0
SHA256 35c9e1bfdfeb1bc0e7c951e05cfac12f310e3ace01a2e73a0d44a2d339dcd5a8
SHA512 54ff057cb13d843f9d22b02dd8c9f7e29c0a87b63e405f0c8c2180668f56350a484e83edc8e2aa3bdf02809b347a436ac66ee58b2d6098d4b02504f14417140a

/data/data/com.jy.ironman.app.android/databases/ut.db

MD5 371fbf7ca61e51d9de78707bdd09d654
SHA1 3b6e3757f8f0ddc49eaf36b4864dac4ca6a64402
SHA256 250e0f9751c964a50eeab91cd0f624a2a84bf10c6ecabac1e3f88fc4abd78ffd
SHA512 a65712f3dcfd313b11aa7571bd1f36f049c2ba73cb539d2d0c69fc130468b5adc1b7aae5a2f80c7fc592fcb39e5d3ad8c75a25de6548c2e07585582e5bbe0536

/data/data/com.jy.ironman.app.android/databases/ut.db-wal

MD5 e38e80990cbc3db652073159f9e2918d
SHA1 a6cabffd1f57943bde3152b586f20147c16ef42f
SHA256 4328f4beda2eb7bbe6e6e7eca97b5913a6a3e861582c796822253c2c37428bc0
SHA512 db8b22691378452abfd8b18a9f488981e68a83235aa914d05dd613bea11a9524f6a0f7695d4ececd7e5f581d0bcb697891af0cd62e040f5575d11405c8ab6585

/data/data/com.jy.ironman.app.android/databases/ut.db

MD5 7b4dc089dff1e19a7bbd085eae3d6862
SHA1 d5feaf0fe9b7d8081b445b6018cb1054e6f6d8e1
SHA256 1a79f30a4b018ddf2249512d354a6fc6e981462fb6be10af94390432f043093d
SHA512 050424471166db246adadefd0afc795847d7cd680963ad14658c56bce5ed4c18a7888d70a20aea9fcafa934b253a78792ecbb97e7225e608193467e9c0c2fd95

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 05:44

Reported

2024-06-14 05:48

Platform

android-x64-arm64-20240611.1-en

Max time kernel

174s

Max time network

185s

Command Line

com.jy.ironman.app.android

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/bin/su N/A N/A
N/A /data/local/su N/A N/A
N/A /data/local/bin/su N/A N/A
N/A /data/local/xbin/su N/A N/A
N/A /sbin/su N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.jy.ironman.app.android/[email protected] N/A N/A
N/A /data/user/0/com.jy.ironman.app.android/[email protected]!classes2.dex N/A N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description Indicator Process Target
N/A s.appjiagu.com N/A N/A
N/A b.appjiagu.com N/A N/A

Queries information about active data network

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.jy.ironman.app.android

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 216.58.204.78:443 tcp
GB 216.58.204.78:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.201.104:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 beacon-api.aliyuncs.com udp
CN 139.196.135.6:80 beacon-api.aliyuncs.com tcp
CN 139.196.135.6:80 beacon-api.aliyuncs.com tcp
US 1.1.1.1:53 mpush-api.aliyun.com udp
CN 106.11.253.96:80 mpush-api.aliyun.com tcp
US 1.1.1.1:53 app-api.12kedu.cn udp
US 1.1.1.1:53 adashxgc.ut.taobao.com udp
CN 59.82.33.253:443 adashxgc.ut.taobao.com tcp
HK 162.209.243.70:443 app-api.12kedu.cn tcp
US 1.1.1.1:53 dxp.baidu.com udp
CN 39.156.66.180:443 dxp.baidu.com tcp
US 1.1.1.1:53 adashbc.ut.taobao.com udp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
CN 140.205.160.128:80 mpush-api.aliyun.com tcp
CN 8.132.215.224:80 beacon-api.aliyuncs.com tcp
CN 8.132.215.224:80 beacon-api.aliyuncs.com tcp
US 1.1.1.1:53 hmma.baidu.com udp
HK 103.235.47.161:443 hmma.baidu.com tcp
CN 106.11.243.160:80 mpush-api.aliyun.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
CN 106.11.248.144:80 mpush-api.aliyun.com tcp
CN 106.15.83.128:80 beacon-api.aliyuncs.com tcp
CN 106.15.83.128:80 beacon-api.aliyuncs.com tcp
CN 59.82.33.253:443 adashxgc.ut.taobao.com tcp
US 1.1.1.1:53 mpush-api.aliyun.com udp
CN 106.11.253.96:80 mpush-api.aliyun.com tcp
GB 142.250.178.4:443 tcp
GB 142.250.178.4:443 tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
US 1.1.1.1:53 s.appjiagu.com udp
US 104.192.110.60:80 s.appjiagu.com tcp
CN 106.11.243.160:80 mpush-api.aliyun.com tcp
CN 8.132.237.161:80 beacon-api.aliyuncs.com tcp
CN 8.132.237.161:80 beacon-api.aliyuncs.com tcp
CN 106.11.248.144:80 mpush-api.aliyun.com tcp
CN 47.116.84.225:80 beacon-api.aliyuncs.com tcp
CN 47.116.84.225:80 beacon-api.aliyuncs.com tcp
CN 59.82.33.253:443 adashxgc.ut.taobao.com tcp
CN 140.205.160.128:80 mpush-api.aliyun.com tcp
CN 39.156.66.180:443 dxp.baidu.com tcp
US 1.1.1.1:53 b.appjiagu.com udp
CN 180.163.249.208:80 b.appjiagu.com tcp
CN 59.82.33.253:443 adashxgc.ut.taobao.com tcp
CN 106.63.25.33:80 b.appjiagu.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
CN 59.82.33.253:443 adashxgc.ut.taobao.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
US 1.1.1.1:53 mpush-api.aliyun.com udp
CN 106.11.253.96:80 mpush-api.aliyun.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
CN 140.205.160.128:80 mpush-api.aliyun.com tcp
CN 39.156.66.180:443 dxp.baidu.com tcp
CN 59.82.33.253:443 adashxgc.ut.taobao.com tcp
CN 106.11.248.144:80 mpush-api.aliyun.com tcp
CN 106.11.243.160:80 mpush-api.aliyun.com tcp
CN 59.82.33.253:443 adashxgc.ut.taobao.com tcp
CN 59.82.33.253:443 adashxgc.ut.taobao.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.200.36:443 www.google.com tcp
CN 39.156.66.180:443 dxp.baidu.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp
CN 59.82.39.254:443 adashbc.ut.taobao.com tcp

Files

/data/user/0/com.jy.ironman.app.android/.jiagu/libjiagu.so

MD5 2c1a490890ff15348d2fc3815b2cfb3d
SHA1 922e1e5539c40ad5bed578a9cea9f076df02eaee
SHA256 4a272d3707e61d656a95d20b944a402a4ae39b79013e3a47a93c0faa3eefc6da
SHA512 3a910269e855c3c9a31e40d2d18d166d3c3dc08bb9b063e363be8e737181389e9cc67be8d9ef8d1a63ca0500d0d028aa2562e6fb979beb1a1cccf0fe4d1d1853

/data/user/0/com.jy.ironman.app.android/[email protected]

MD5 78359f69764c9d302e95fef27f76cc76
SHA1 45880b98146ebb7af2bb829a07375c27110fd5b0
SHA256 622adac1688710914b34fdf10a8c9211f04d7cf9d16a664cdb4535e0e1eea122
SHA512 0a45873853515fbf02388a3cd1ab87b48f12d43ce21fe3999053f20aa31aad3493fc3882221ded46abb98724b659bca85cc80f084a91a0e294d6a6cfcd052515

/data/user/0/com.jy.ironman.app.android/[email protected]!classes2.dex

MD5 a82a308fcb7420d422467181dbea39bb
SHA1 fcbd2ca337f8963535c8f211437a487c84f2e43b
SHA256 12715a9ff0118b0a99b28e65b91010bc8af1cf15cf2fa63391a9c1c67d4d1571
SHA512 bf99f9d8f94c7706fe25eae6388a1560bbb60efb30b08578bd70cb433830fbd9af67462582c830d819ab4e275ec7cb69e59aa9c41f4bbfd776649096bb977e52

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.ri

MD5 0333967c90763a1ef9c9b817a2196d8f
SHA1 117650825d347746920ea257de1868d02f1239c5
SHA256 d116b181665599f21fa97a9bb8c8b8b703940fe0a2c597b2dd95319f3f1b4dcc
SHA512 86a73b2d7d38be90ecbdf9b7442f2760d00aa2a22f1d09f924b60604a5836e972435507bbfec514e9c92bec234df9f3deb94c592cea452731d7e1645125d78e6

/data/data/com.jy.ironman.app.android/files/.jiagu.lock

MD5 afc9b3298545af25be476f894f3b4717
SHA1 58b11051dd590ada6c7908142df0da0551560e20
SHA256 0955cbffa2af81500ebb1e65eaeedfc47ade8b1acabcecd1475651c649c4ec6b
SHA512 831561be24e2fa0b2d68b35bb0940756a53d6fa05c7758fd9dd7412e3440931a1d4358467dd2590c6e87c360dbc48edd2e8600a2c4b4ef7ad32d2277fcc45196

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.rd

MD5 cbe875b8139124e2cd5ca53e97585bcb
SHA1 0b1f277908fe88841d373dcd8d335828d3f39099
SHA256 7dfe8e58e289fe876265dea4b4fcb78a632a6fc3fd3deff34519f8a7778c2c5e
SHA512 a2a0799744d7cb2582abea08067620de8cb9395a50ba4d03ca48aebc412f3dd91732cab92bbe68621869a42cfcb8da6270b6f720816454d710c2ff1a0415c6df

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.store

MD5 448e391c59eef34ee1defbe4dee4c41f
SHA1 df1f890987371d7d8e6963c68b787856e42bc146
SHA256 55612e17689f4bb05f27e18b4f6d06ffef92a6a8893a5cfdd3d5b99a6028b549
SHA512 ce336ce895ba861dda7da27e8869dea065eb3c3403cac55cdf1935409e5ebc95b495370f87ed7416af20af533b15615472e333ae9f2fd2713040f526835399b7

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.ac

MD5 3fbf2c51473410d8a0b09cbf00be0bf6
SHA1 49aa71e25885bb3a6cfe3c5ae973440927dbd0c3
SHA256 e387a8a7a962ed9a3b5b81858b506056fa085766ac13a6fac7909c2210101d3d
SHA512 380528fe5e8eb148431b92b16bf7b209ce205ea563cee8fdfa97b8a2836a622f1b4f310d8a710b02193d940a648cfafb04b0c78f3ca350169624ab13fa2b3a0b

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.ic

MD5 30c23761cf8e1a77016814b70e67e5cf
SHA1 d2694d8698eb58271196a3253b05dc94ef49ff85
SHA256 22ec16d541034ac05f4125dbc33dbcd3521a94e7f028fa2f56c5caecbd0c9747
SHA512 ab3ad177a57d69ad24395f31b52e270712b8634203940bbe2766a621fdc2e365c760046e7ee0278db70edd6a1b4f82f9333b141100698f66d07dbfea50a6684e

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.di

MD5 f6926ae4d892d283b109c4c9278f284c
SHA1 7cfe164a27e57848b97bdf23afb51fb8596bdd07
SHA256 ccff425474b3441995929d3e7107df18e76664b6d4702887e5c4b4f883908183
SHA512 1e38ee39af6369f0f6379554305a9b0c1223b6ea5ac59db8e84094696e5330078bc1c1f06938a94529bdf289ee0baa7f3b1323aa0a5d222c83466da113425b0c

/storage/emulated/0/360/.iddata

MD5 396ff030da47c0a0dcaf62cc1c16e1b3
SHA1 be493930643773c0e7acf8626f8a3b4b05d469b6
SHA256 2071260ec4e20a6edc31692134ee0ca1e3bff462c300737b347a1ec317f3eb63
SHA512 ab4b6556437dceccea88cf58b03d00cf71ac607da2feba4780950b3b8c4cb8ac91c79ee298b0de7b8df47291759ce7e060786f1bc235980be0c9bc972dc07e93

/storage/emulated/0/360/.deviceId

MD5 4c4c5285293d5141f582aefa4e038669
SHA1 e01852a72e5a8e6f7d63a21426b515118196047b
SHA256 36c5c63f39ddf7a6a9c01946e4f78b95790aa734176802e793e95724a1b5b731
SHA512 097aa673273e307f7bfb7c08861ad389d4b5f7fae55d972a5c1636aa66d0b8d23b5eb9b696cefe0e5b942f23969dabf0147397aeca85fb9a4d75e0473104e399

/data/user/0/com.jy.ironman.app.android/app_tbs/core_private/download_upload

MD5 4c6ca3dc1453d98f9de203973f429851
SHA1 e2e853510dc167591c280c433515abb74bd00abd
SHA256 47d101d50fd283aef43e78fe4ec21dfc21aa27ee11bfe31b12b4e85aacfcaf99
SHA512 2610992d8e373ea18a54501d649ef40a7744fc92337ae9e64af8ec390c5274a0fed11594ec7e3c50587315e9df99982a3be4d79edf3ad6013cd62ee050d61518

/storage/emulated/0/Android/data/com.jy.ironman.app.android/files/tbslog/tbslog.txt (deleted)

MD5 785709c7f9d0dfecff3605e0f979118d
SHA1 7edebeba695fd7cd9609199241d31c36c2b9071f
SHA256 345f98204aa515c4d9f8acdbecd92c16eea0381a89558248cd529a8fcef7185d
SHA512 2b17d9e0ff7ac3dbbeb50132766766564bd384d86c556bdf13671087bc25496651f58d0ee3f051f2a2fb24e662154a43dc91b8b521b7f50f9003ec4ce258cb69

/data/user/0/com.jy.ironman.app.android/app_tbs/core_private/download_upload

MD5 8c9b93ce08b2d9badc9c0d01e4fac187
SHA1 450faf33ac21fae14f7dc78936c6fdb607299f3d
SHA256 855cd1a3e8e4eb63089062efe1dac6ead5bc571b9379cdc3ae7ad48ee1f97058
SHA512 f47a5fea307df3ddaf515e87b5068627bae7bb4b144fe0a9a9362e30f80171b4bc7e6aa59c6bb28c054fe5766efcfb71c5b9c31b75902e383b58fe3fdffbe076

/data/user/0/com.jy.ironman.app.android/app_tbs/core_private/download_upload

MD5 e1f43841535e62cf58da8910b1db9eb1
SHA1 45ef475e5845dd3d8334cf6d3f73ce7e23c3ca67
SHA256 35cd622b3468b688c6602b5c72362f640f9572bff642a83e8a2573d771908a79
SHA512 8a8227d203e6cbc14e3abf232be4997392630aa382bef5225552e6caf36f8e71d24a3e5f6df5e4c242e9057235130fdf444bfbff59893bd1480e73f4c2b91607

/data/user/0/com.jy.ironman.app.android/files/com_alibaba_aliyun_crash_defend_sdk_info

MD5 89f8026df0cc2879b62141ee83b45c20
SHA1 51863e2845d7fe465893aedba6a003e194bd0a35
SHA256 c138015ca8765d260512bc4fd03f1c7c114ae183fe73a706dd215c542b6bc1d7
SHA512 09a53fb5d5509a3a67380977abc6e20a0970a0dc387f6ecf4646e9df837124838dd552a54cef2e016fc05ebb1e3510d229038b17f5b48a632356e2b12d538e36

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 9781ca003f10f8d0c9c1945b63fdca7f
SHA1 4156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA256 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA512 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 d85bcfc56627f4579f8a11a07a23d946
SHA1 af274f3d9bb3c303cbff0b95d3a1d2c554c1d925
SHA256 12b655c9ce245e1dd094067e983ea30ed5ba5a5f477bddd7ffde98a3a2dddbd7
SHA512 9a3c0ef6bedf99c53211b84ca5693fdcdf3e342e4f171fb7ddb808b5eb1977a511c2ca3fbcfdc7d5673aeb0fdf637b72d92fc448e2838647f19c3a6140eb4f07

/storage/emulated/0/.DataStorage/ContextData.xml

MD5 894873946e01f36b3b2a942cd516801c
SHA1 baa4b56df446338a44b2cb6a4f76326ef9cd6970
SHA256 43c77978695a703c030cf1e8b4448d86ab554cc0a3c641059407dfc2bcce3079
SHA512 6c2f6370379bd8ba254c26061da97ffad5ac817268d0834a09ca9d354bb31d4a33f1fb8fa36ecf19bc7ff08718568aa33ec9e9fc077b5546321da2e59055a894

/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

MD5 9e5761326d9ea728b5ee50bf650ac0ac
SHA1 bb26f2da60d2e0bdb345037ae303c3832983dc81
SHA256 49e1cc4b0d095c1295933ae01b0ff320884d095b19279ff9161d4fad42218d58
SHA512 1e3e0db8c94cbe07f85e68aad23bff5209285d689ed8e6e1d001dd726367f59603c2ed614e0eaa0928ff3c62f30a53ed5ff8e332bccf67431ec8abcbc4bd12f0

/storage/emulated/0/.DataStorage/ContextData.xml

MD5 fc34aad42659290cb2d7997a329fb2d5
SHA1 d4f11b6ca2fc1bdc7be4e28a5aa1d26cd7e612d7
SHA256 b80a8cca6bac2933a9ae9f42bc594032fda6cf3c47f7b4234af10d8ffa717bba
SHA512 f2c9c951468bc273e83c1b8967dfe467b1eaf5cce2cc8e1b4300517c4c654eeb1f77f842559a5023ec6c6a3126cbc2bf5ef26b5272ed96ce71cf58824392d336

/data/user/0/com.jy.ironman.app.android/databases/ut.db-journal

MD5 5ca5eb119c83cae0d498de8e3fc3df2e
SHA1 adf144b032a3d5aa02f494947b49ac2c0b6b9224
SHA256 7e2f09521ec8c98ac913f8e776c67338e926db5805e92a708b29c9dcabe90ae9
SHA512 12bb863a93504058162f4c8eb707ba7ff7cf9aee84ee565a7abec47379448b6285a85085f46da74298df4cbbfee9c4e816c05e6e878059493bff80ac480e8c61

/data/user/0/com.jy.ironman.app.android/databases/ut.db

MD5 75694e403dbc728c85b85d55d972d357
SHA1 346ce6fb424f486cc32f7f46649649470cd57225
SHA256 ad9862b2cfa8b250817df299b073d617bba35aa05292f7f0c6cadcefd47cfaf9
SHA512 591d814f3bdba7180588ec333b554f946a977374df798bf69a352b4f1f0b43a412b5998622a059cfb3ad94eefb56d6ae62c6fe7dfefcb9ec5d47b98971bac6ad

/data/user/0/com.jy.ironman.app.android/databases/ut.db-journal

MD5 2787e91e3e2b26aeecdfe9979ec42697
SHA1 b8557880f6b9b3e8e41a066a8dd632b1f391f475
SHA256 eae968541a9279b5e7c01b293f612f26a2a538359860378e457d6883653a81c9
SHA512 ff24293321578023e154117b321d65c0f0fc25f3a854387fdd767cbc0dad100437fbfea0e663d6aeb6f80c34d2054a46d48510c96376e356472d8c6f21da9af4

/data/user/0/com.jy.ironman.app.android/databases/ut.db-journal

MD5 b6c367d15cca808ad2506bb1c1957e0c
SHA1 bd48cff51a613d910be33f620a727c91c82a454e
SHA256 0e9ff34ab63823e2ba41d7e497ab3550b6e6bf5984bd157c09178d34937dd64f
SHA512 81b795a192417b14e436fc13a87fbbb7a3752e72161df0b2c45f36b5b04f95eebf420d49b7ddf5f26c693451070273b68d279e5f98e53c98f7c909fe710e24b8

/data/user/0/com.jy.ironman.app.android/files/libcuid.so

MD5 bb75e3e8063ed9f19ecb06d8e3475c56
SHA1 b6738d74efac4c64920ab787034b363907db144c
SHA256 54ce53d8b074ac3be28cec68196597fa9e4f0e70178913a0396ee268b966f64b
SHA512 12aebda72d151560e7cfe29b123bf5375e60dc0da7bce0eab9eaee41f063659669e2596ccce924bbb509039968e57ad9ca9d7855b19a0f23e912a9b6236ddbc9

/data/user/0/com.jy.ironman.app.android/files/com_alibaba_aliyun_crash_defend_sdk_info

MD5 df21b227deba040cf0b040d0e65e4440
SHA1 a83676d8341a2ecbf72a0081329e0cb17776c1ce
SHA256 5b01d57011d37b1696b648854a857864d6458647e7f80c30ac580deaf6128007
SHA512 9703d6f599af75e19ac4542e4ade16b8fabb637477cdbd671dfda039364e649e41eba967ee5aef0c2a0055e70e5281fd9dab6f164c124b9a96ebda0f27b89a40

/data/user/0/com.jy.ironman.app.android/databases/ut.db-journal

MD5 c9e68a8010925caa2ae113cc68f57356
SHA1 694b6fdb74f86ed9326b322285d62f071dd0f21f
SHA256 a6d4659763b7671f14803a00e5b71e033c1fa87e7566bc2c3878693f11db3aa7
SHA512 010bd8d1dc373608897b87a6ce761d71f2786e6f31f807d189b164943a5109ae3450816fb72857eb828aaf9e89d7c7adf29e930b47bf1a034c0be31ab5e10fdf

/data/user/0/com.jy.ironman.app.android/databases/ut.db

MD5 5d20665cba5e0b5a5b6842b3ca0e3f1e
SHA1 7d4dabda702542dec9531e2036e7a7072693b207
SHA256 14133a8bc638498edd54ea899a7294716b2df3262817f76fb7c50a246b61f340
SHA512 d369b7527c9381b8aa71632d82ca6a6ec61a31843997faae9d2a083cec95a17bc3194a08fc09f6c38ab0004277bd8d16d051f04ccd68a792f685b876bd1934fe

/storage/emulated/0/backups/system/.confd-journal

MD5 970a677afc58aca655037a0bb529d08c
SHA1 42f1edf84fb21ce51acd9b0a79248de010bab620
SHA256 ad7c32cf30af29456cacf9b804cbee1b0bee9e5c2329f49733c2fe76e4aba7ea
SHA512 981dcf8f90bb089c0f5d89bc9b842a726fa53b1c826410614a9eee004df64d360c291ad20c2b4cc3283e2ba708039d731a5703f998dc044c406bc405bd8ac2e2

/storage/emulated/0/backups/system/.confd

MD5 1c8872cc763afb2f791a9347e8dc895b
SHA1 92d9e156ea2640bdaf7e883cb8e4e11264e381ab
SHA256 72d1e0672f5346f5904aaa5cb09085dc2b71bc594034760bce25fe973fccb80e
SHA512 58327074c8b6442221caf181c2f979714d98240c4a8e43ea41b10eb11f67d3941731ad0ac0a6edfe49f2fab2081f4e8cfbb22ffc2652648ecc594054c15d8e00

/storage/emulated/0/backups/system/.confd-journal

MD5 fb3de2d4056a1979f25fff711c8705d5
SHA1 133864e2f9e2b30489e95f2bc1d83e7a4d1565e6
SHA256 373a608648677ed62474f66efa9b31a986e313483bb2cc0562e2894a6cb6ba5a
SHA512 d461c56d8e32e0f21b938e4d400ac419b50ddd14950b696d969f2116ff5dee08d803db89fc7b49fc8644ca6b94e1621dc71aae809a6c450c86aa83df9a506925

/storage/emulated/0/backups/system/.confd-journal

MD5 2655f4d264873e614474355ba5788a3a
SHA1 09082bbe4c9c44e870d80109d953dc38d4b0052e
SHA256 5bffb02a4fc7576188cb921cd77fc59b29a751d1c911c7e0058e8698dd52a0de
SHA512 4907f8be79342118d6b0419ea3c0bb05846560d6a3735d210634c4b8897c11bffd338a76ba554c9104211899eacc21720bca66798c9678eb27034797b042272e

/storage/emulated/0/backups/system/.confd-journal

MD5 54c57dfeca42d8a6aedec3240b53cf55
SHA1 5f88558795260693ed1c48e1ff276aea2e4de6e1
SHA256 99cd26e06848ab3972e6a02a0d576cb2a453c7d92ab669f321c07c1f07c8dda0
SHA512 4b8bc614d315e1e4275a40bb6c594a569a08e724bae478a6ae88ed790b6591096e8a1bc9122b4efb0f6e7fc509ca7a00dbeb81946aac538703a10215c2f96112

/storage/emulated/0/backups/system/.timestamp

MD5 591d3100dec11d1508003df011864267
SHA1 6b2f3a2f0c81e4dc23dfb5a6c861e6b59e5a4053
SHA256 cd69b3aed708bb420207ef021ab0b57da6c4a6e3aa20990955248b8f3c2873ad
SHA512 ded46e623de1556daa183642d8c967a9db68cc0ea4e0e7079de1acdc669de3f735805001164bf0ff67a8e815b0edac2f615a37f13b4a88c8566f0730b42a91f6

/storage/emulated/0/backups/system/.confd-journal

MD5 1a56c31af988a5b96d8974088b9d2a2f
SHA1 a91d57d0c2affbc3e86eb432d50a0a0c7cf2b320
SHA256 c928460c69a93a0014b9bb7175ad351ec8c84ceb762a494a783c5daedace4109
SHA512 9dedfefc98404bdd7632680a33eb129786b6fed687f70a7e80c57361aa31e2eb22eebcb57815fbff1ceeeb4dfe37af197f47c5ef33b75ab18e82465a7e000ca7

/storage/emulated/0/backups/system/.confd

MD5 915b14670a6e358714ac6afe9458360d
SHA1 a80bce9280db4aa28fa17f27bebdc9c1075ca964
SHA256 03024cb648aea2f615db16ad719bb230e4f7ae7b54c47dac309089821c45fd28
SHA512 ca97b5a8f52446894d36feae7d8d3a76e0d361b914027705ee564ab7b4855faa7faac702ee3d1542a9c2c253cf60fc6e0c1fc517f998b1b92559c36a6170180a

/data/user/0/com.jy.ironman.app.android/files/trace_circle.data

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

/data/user/0/com.jy.ironman.app.android/files/__send_data_1718343923531

MD5 63dbc4501c0eac07fa621dc3f0117de7
SHA1 83b675f3331a7263101ceff2d1783434e381366a
SHA256 1f7c0345013923db1aa98eb1cca50e23d5e620ba5e6d4a1b89ab9a3190624659
SHA512 9b3e077fc8e514f4c3221fc9a7dbcac5ea586bfa937fb42103d4470588a90736041eab3e56f465b24ff5dab0677190f1f2b0d814c5fc50e246cdbce25cd606e8

/data/user/0/com.jy.ironman.app.android/files/__local_stat_cache.json

MD5 31d1ecbebc6db8b1a54864f0b5fa670d
SHA1 6e8260b67d258cc07417aa34632e7735f99b0380
SHA256 4784f5a2a72801068e75ddac954cc013ec2a23e42bd5eff57acaf05cb0da1eca
SHA512 91c606f658f3af1943352e6e7570eff363019ddf2bfda3b726c3084fccd84e39a4e873a96d1e0c543249bccbc82c3cc0517e8c8cc45be2a2f89ce8e50c128072

/data/user/0/com.jy.ironman.app.android/files/__local_last_session.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

/data/user/0/com.jy.ironman.app.android/files/__local_last_session.json

MD5 e0b3d1884b09b0f903d499f61938d66a
SHA1 266ad0da18d07f3678f353b80666e5697ea70d49
SHA256 2d5df5f5ea050d1bfc2a180cea06dc49e8173fd965f60b217edb966e0d4ee530
SHA512 60e99987f176e71a3002c6fe46b28c776b32c13bd38cec0365775dc20d155c8b1962a678b92c01a65d1e7b8f9915607483d23820d7a475ae5f8f39c92c9112e6

/data/user/0/com.jy.ironman.app.android/files/__local_last_session.json

MD5 024e3d180d1a43650732bf7a5c29f540
SHA1 6fcfe131746254de63bd0ca4c48eda9dc1dd2fb1
SHA256 aedc9bf22fb3eb29772b468077499d12d6343b7242bc7d05000a2b182ad37ab2
SHA512 a0b6895df9bba1ee6f1d2dc2218d2e99f242661d1ef22114b3a5915b6496e0c03c12fcf09033c7b4c0a4977feed57821146e1a44ecc3928c2ac86bca98d597d9

/storage/emulated/0/backups/system/.confd-journal

MD5 48e0580e91be655b4f835ac3db617c5e
SHA1 c58cf3be20d94acb613cb4c5e5d42d7543a8efc5
SHA256 dc494c97246995765b71dbe86e71b415cb253a71da5e63c91e22ce71d8b476bc
SHA512 1992c8b704d1abebb102142a0f2c5798acbe7ef73fad20ab8441a7ab7463eb5b8aa1f5d8c4ba4a5e9cf9cef11e93489a335d9f754db6c7e68bdab79901271b40

/storage/emulated/0/backups/system/.confd

MD5 34f835ea1d50ac1891510705766f6a3d
SHA1 2ab23e672fbd032ed26f7019001df90a854f8617
SHA256 27957db49bdd95274a2314877e33b15d2944a341b9850a34227f6af44407d86d
SHA512 03489da80555bf4a5a40cd2d80e06eaa04717cf54922cc9ada5cc00bb21ea1e769337fa2bb05ebfa49b937645d9aca7f2c0e2d934eb8bcc3080a195621c1e82e

/storage/emulated/0/backups/system/.timestamp

MD5 f1725b6621170f113c9001b4f44d502c
SHA1 7c4a309a38fc5852b4f76509b16dabfd1572646c
SHA256 0ad7fa9db9d83ddd0f241ea8f684473195372af8db47265e05fa88e411d04322
SHA512 3dd26844d0fbb9f5b8d96f3b88f1c53f5457e0f0bec6e986b04393b3b722aaa561b5a3f6fa5f3ec00da04ce42ea0d6a43648d7c2f4c2275d47afd30ce0d98151

/storage/emulated/0/backups/system/.confd

MD5 6b030b5aee3c4acf7d4205d64baed57f
SHA1 59d4519badb1d9193afa85671327635102998831
SHA256 cb0a76ed087ff4ff71749f80c859b992a1ca5bc17ec82960d690301fc348ddb5
SHA512 5ddbbafa5c86c93333b29e1dfabb142c9c67309dd1fb47572d99a7ca1132d5ea8a6d0ceb174aa87f6bda1e79369d95b3a553f18cd86ec82f09066c26c4fa1236

/storage/emulated/0/backups/system/.timestamp

MD5 cda202909fdb7058098a6d8e0d94d4ad
SHA1 85e1e7452f6ba086f5684514d21fe4c9176eaa4f
SHA256 e6ffc62103ba5a91422592883b1d0fc918c2b65d0d596234c8cc1dca1f146f6d
SHA512 e62a06eaef064d3084f3a38d8569f13882d1c67f17d078b2935aa501f91e05306ff0c6f19b11df50f6f00a22df497d97b6508de1ffd7d90d5611adae4def9dd7

/storage/emulated/0/backups/system/.confd

MD5 8a7a516b46d6014ad0a1d149807a1f33
SHA1 4d68165bc11404e0b842002d5c648ee1da3a0de9
SHA256 b97a4c64357f502e5fa6688707e7424c09879aee911a964722166676c6007cd1
SHA512 93cfe3e78b271239ea143ddcccbb21fc175d43e6a46a10cb7631c44ca276f12705cc9384c2dfebb64e18b80e3e7c99d706c2f9d406f3bac6a84715630adc7d41

/storage/emulated/0/backups/system/.timestamp

MD5 e9fba2e26c9ec17a7acca2ea01c551c6
SHA1 928a508a976f1ff1fb349e38bab3ad8f7d6b1561
SHA256 1e245a09aedd30180ccf1fa3d5f2ba17b6de72763ba260979133e01a7627531c
SHA512 4207c438910e5584b3dd3c37ab413c7009b87b79ea0a1e0b99755f6220e37f0983e1f22a15e5e92b053e53e669b19bebd1404bd04350dfd85ba61f515390e810

/storage/emulated/0/backups/system/.timestamp

MD5 ee1d00fe103894a8e91fd816dbe5405f
SHA1 c34e3d85bdbcd92a1ddf415fce040feb635ca799
SHA256 ee2fc16534cc24f2ee2181e27463ba5b82c3f011bd60d165505cdeba5424c299
SHA512 760f605ef9572d08eb61be01145eb085e1f5f5d2621e28ceceb4a6e6a3c6ac138e92d35051347a446be432724c934cb8feba1ec14689796af93c9a8ad75d0630

/data/user/0/com.jy.ironman.app.android/databases/ut.db-journal

MD5 8c615ff8e6b3914c3b45c33137b34ebe
SHA1 924d53da25fa7a9296c36004bfe374d2e4d94f41
SHA256 ab9090c06d54dc0e44dff0a4e1d9c4b6af39fab565c8c414b598429a112a2eef
SHA512 3c840100d1e9c5986f9802d2f1e40594527504097c3cf62778f2ad582b8edd3f56b3e3685b22f844480dc64d43d066aee4ade3b937b140b38336046a70152878

/data/user/0/com.jy.ironman.app.android/databases/ut.db

MD5 b600125f163ba5ebc28992cb24e9391f
SHA1 6d7b003881a98cbf265d0c2f188470f214899068
SHA256 7d43581ff4dcebd28b63d4721ea1af6c399347b6e7a8a4e799182c7df30a72da
SHA512 f73b0dd8135fc7bcf440bd37e7adbaf900a6370b16eb2fe34e79c88c9740b5d1df0f012d5790a7fa5bfeb185c6fe782d25af7d4ad7b418b0f07674c667f85281

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.di

MD5 8ca612fa1f66b72e02c51e46f12c585f
SHA1 b18b0b8fea3792390739f71cbb3dff091f981d09
SHA256 b6fb0be39f2c424d9cbf166a7a548d55ac0eaa8627bd26584c93b06741cf797e
SHA512 b6f0a63e91ad82703df98bce2d693176ed820d9bc4ee2b39ec91ba83029d53e2c02892196f0e58a919db12f4c9a239be84e853fd5df1bd7df7f0449aede88cb7

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.store

MD5 92e5b24f2f7375af70a433c006f75b4f
SHA1 d52c0e33bd273ff62ff2aad6fc192b08a0e029f3
SHA256 9ed570cb2aba9b3f920c9ac0b2f9f1da40b9e743a4bf0d2e3561f20d8b772bbd
SHA512 10edec6cff96ed4a273605d4191798720f7527fb2c7f80a65d39306caa0413ea2ef4b4f70a691e7f5483a13421b1699a4a32c1a739aeecd7dcd90b0146a8188e

/data/data/com.jy.ironman.app.android/files/.jglogs/.jg.ac

MD5 850fff53e0ee1845bc95ebdcad27cad8
SHA1 992890366f0efe9f54e32c805797c777237f7a51
SHA256 62ee821a0504232ff095488510f7527b888618fffc55fe63148796306b02da57
SHA512 5219db3613c13174a8bc3cc6556524d03a3d20debcff182041d5260530bab78addf2ef88ab9aac8e45d7b8214f0dae7be376bd51cc13fddfc525ec6abc662d9d

/data/user/0/com.jy.ironman.app.android/databases/ut.db-journal

MD5 bb6739e9c12a949182dcfbfaadf6da78
SHA1 2dc4a1869762d20be7fa009cee5f589bd452eb3e
SHA256 331779fd5afa11ede43f69c9e3e4de8bc2ff801572799147e91dff58d5869aa0
SHA512 cf8957ae93c850863f1f3d618fd5599f1227408de8abc999111f03a70fec1975935cca28f55ffa3a670a566e88751601ad76f9a83ffb8ed78caacc5fcf4d55ea

/data/user/0/com.jy.ironman.app.android/databases/ut.db

MD5 f960137b043ef99478a14a8a8d9a40f8
SHA1 ee963a583675b127595ecac3898dbfd27d3bfb92
SHA256 5c752c9fe820851c52f4d3767544010f6288fadd201489806da685073a903dfc
SHA512 9149e48cc8a7e9eead4d9baad6b974deae8df8969af259b2906950e340848f9defce7292dad322bfaeef14e0441b379cd0319475e96500fb0849e423e9357fad

/data/user/0/com.jy.ironman.app.android/databases/ut.db

MD5 2bfe97da500a4406595261dd3f0c91e6
SHA1 566bbd9e65a1e09204d574ec2648f555c36abaaa
SHA256 c8f723835ba8dbea8c185fbe3e5725bcc68004086f98da1fc70e2f642e17c1f3
SHA512 37b151084b8f5cef3db1c51865dcbfc472ebb406fa7cb45cfac8cbfc26f9bc0fc0d299a0f3c6ffc0a12f7128c8938e573cbe98ef293b1933a19acfde0fca2f03